package cn.pet.service.manage.controller;

import cn.pet.service.manage.auth.MyAuthenticationProvider;
import cn.pet.service.manage.common.Response;
import cn.pet.service.manage.entity.PetUser;
import cn.pet.service.manage.entity.api.Result;
import cn.pet.service.manage.entity.dto.LoginDTO;
import cn.pet.service.manage.entity.vo.UserVO;
import cn.pet.service.manage.mapstruct.UserMapstruct;
import cn.pet.service.manage.service.PetUserService;
import cn.pet.service.manage.utils.ConstantUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import lombok.AllArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

/**
 * @author zwr
 * @version 1.0
 * @description TODO
 * @date 2023/2/11 12:39
 */
@RestController
@RequestMapping("/auth")
@AllArgsConstructor
public class LoginController {

    private final PetUserService petUserService;

    private final MyAuthenticationProvider authenticationProvider;


    /**
     * 登录接口
     * @return
     */
    @PostMapping("login")
    public Object login(HttpServletRequest request,@RequestBody LoginDTO loginDTO){
        //1、将页面提交的密码password进行md5加密处理
        String password = loginDTO.getPassword();
        password = DigestUtils.md5DigestAsHex(password.getBytes());

        //2、根据页面提交的用户名username查询数据库
        LambdaQueryWrapper<PetUser> queryWrapper = new LambdaQueryWrapper<>();
        queryWrapper.eq(PetUser::getUsername,loginDTO.getUsername())
                .eq(PetUser::getPassword,password)
                .ne(PetUser::getUserType, ConstantUtil.MEMBER);
        PetUser petUser = petUserService.getOne(queryWrapper);
        //3、如果没有查询到则返回登录失败结果
        if(petUser == null){
            return Response.error("用户名或密码错误");
        }
        //5、查看管理员状态，如果为已禁用状态，则返回员工已禁用结果
        if(ConstantUtil.USER_NOT_USER.equals(petUser.getStatus())){
            return Response.error("账号已禁用");
        }
        //6、登录成功，将员工id存入Session并返回登录成功结果
        request.getSession().setAttribute("admin",petUser.getId());
        UserVO userVO = new UserVO();
        userVO = UserMapstruct.INSTANCE.userToUserVo(petUser,userVO);
        return Result.ok("查看成功",userVO);
    }


    /**
     * 退出登录
     * @param request
     * @return
     */
    @PostMapping("logout")
    public Object logout(HttpServletRequest request){
        //清理Session中保存的当前登录员工的id
        request.getSession().removeAttribute("admin");
        return Result.ok("退出成功");
    }

    @PostMapping("security/login")
    public Object login(@RequestBody LoginDTO dto){
        Authentication authentication = authenticationProvider.authenticate(dto.getUsername(), dto.getPassword());
        return Result.ok("success",authentication.getCredentials());
    }

}
